HEX
Server: Apache/2.4.62 (Unix) OpenSSL/1.1.1k
System: Linux box12.multicloud.host 4.18.0-553.52.1.el8_10.x86_64 #1 SMP Wed May 14 09:36:12 EDT 2025 x86_64
User: kashmira (1008)
PHP: 8.1.32
Disabled: NONE
$ pwd: /usr/local/maldetect.bk2730582/logs/
Upload Files
File: //usr/local/maldetect.bk2730582/logs/event_log
Aug 13 2025 03:22:58 box12 maldet(1322225): {sigup} performing signature update check...
Aug 13 2025 03:22:58 box12 maldet(1322225): {sigup} local signature set is version 20250225482944
Aug 13 2025 03:23:45 box12 maldet(1322225): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 13 2025 03:23:45 box12 maldet(1322225): {sigup} new signature set error code: 525 available
Aug 13 2025 03:23:45 box12 maldet(1322225): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 13 2025 03:24:20 box12 maldet(1322225): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 13 2025 03:24:40 box12 maldet(1322225): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 13 2025 03:24:40 box12 maldet(1322225): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 13 2025 03:25:25 box12 maldet(1322225): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 13 2025 03:25:44 box12 maldet(1322225): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 13 2025 03:25:44 box12 maldet(1322225): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com
Aug 13 2025 03:25:44 box12 maldet(1322225): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com
Aug 13 2025 03:25:44 box12 maldet(1321790): {update} completed update v1.6.6 3a1792 => v1.6.6 359d25, running signature updates...
Aug 13 2025 03:25:44 box12 maldet(1322666): {sigup} performing signature update check...
Aug 13 2025 03:25:44 box12 maldet(1322666): {sigup} local signature set is version 20250225482944
Aug 13 2025 03:26:04 box12 maldet(1322666): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 13 2025 03:26:04 box12 maldet(1322666): {sigup} new signature set error code: 522 available
Aug 13 2025 03:26:04 box12 maldet(1322666): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 13 2025 03:26:05 box12 maldet(1322666): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 13 2025 03:26:24 box12 maldet(1322666): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 13 2025 03:26:24 box12 maldet(1322666): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 13 2025 03:26:58 box12 maldet(1322666): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 13 2025 03:27:18 box12 maldet(1322666): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 13 2025 03:27:18 box12 maldet(1322666): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com
Aug 13 2025 03:27:18 box12 maldet(1322666): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com
Aug 13 2025 03:27:18 box12 maldet(1321790): {update} update and config import completed
Aug 13 2025 03:27:18 box12 maldet(1323016): {sigup} performing signature update check...
Aug 13 2025 03:27:18 box12 maldet(1323016): {sigup} local signature set is version 20250225482944
Aug 13 2025 03:27:38 box12 maldet(1323016): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 13 2025 03:27:38 box12 maldet(1323016): {sigup} new signature set error code: 522 available
Aug 13 2025 03:27:38 box12 maldet(1323016): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 13 2025 03:28:26 box12 maldet(1323016): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 13 2025 03:29:16 box12 maldet(1323016): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 13 2025 03:29:16 box12 maldet(1323016): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 13 2025 03:29:35 box12 maldet(1323016): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 13 2025 03:29:55 box12 maldet(1323016): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 13 2025 03:29:55 box12 maldet(1323016): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com
Aug 13 2025 03:29:55 box12 maldet(1323016): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com
Aug 13 2025 03:29:55 box12 maldet(1323359): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 13 2025 03:29:55 box12 maldet(1323359): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 13 2025 03:29:55 box12 maldet(1323359): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 13 2025 03:29:55 box12 maldet(1323359): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 13 2025 03:29:55 box12 maldet(1323359): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 13 2025 03:29:58 box12 maldet(1323359): {scan} file list completed in 3s, found 4765 files...
Aug 13 2025 03:29:58 box12 maldet(1323359): {scan} no $mail or $sendmail binaries found, e-mail alerts disabled.
Aug 13 2025 03:29:58 box12 maldet(1323359): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Aug 13 2025 03:29:58 box12 maldet(1323359): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (4765 files) in progress...
Aug 13 2025 03:31:01 box12 maldet(1323359): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 4765, malware hits 0, cleaned hits 0, time 66s
Aug 13 2025 03:31:01 box12 maldet(1323359): {scan} scan report saved, to view run: maldet --report 250813-0329.1323359
Aug 14 2025 03:12:19 box12 maldet(1469046): {update} checking for available updates...
Aug 14 2025 03:12:19 box12 maldet(1469046): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 14 2025 03:12:19 box12 maldet(1469046): {update} hashing install files and checking against server...
Aug 14 2025 03:12:20 box12 maldet(1469046): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 14 2025 03:12:20 box12 maldet(1469046): {update} latest version already installed.
Aug 14 2025 03:12:20 box12 maldet(1469159): {sigup} performing signature update check...
Aug 14 2025 03:12:20 box12 maldet(1469159): {sigup} local signature set is version 20250225482944
Aug 14 2025 03:12:20 box12 maldet(1469159): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 14 2025 03:12:20 box12 maldet(1469159): {sigup} new signature set 202508132610702 available
Aug 14 2025 03:12:20 box12 maldet(1469159): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 14 2025 03:12:21 box12 maldet(1469159): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 14 2025 03:12:21 box12 maldet(1469159): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 14 2025 03:12:21 box12 maldet(1469159): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 14 2025 03:12:21 box12 maldet(1469159): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 14 2025 03:12:22 box12 maldet(1469159): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 14 2025 03:12:22 box12 maldet(1469159): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 14 2025 03:12:22 box12 maldet(1469159): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 14 2025 03:12:22 box12 maldet(1469159): {sigup} verified md5sum of maldet-clean.tgz
Aug 14 2025 03:12:22 box12 maldet(1469159): {sigup} unpacked and installed maldet-clean.tgz
Aug 14 2025 03:12:22 box12 maldet(1469159): {sigup} signature set update completed
Aug 14 2025 03:12:22 box12 maldet(1469159): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 14 2025 03:12:22 box12 maldet(1469365): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 14 2025 03:12:22 box12 maldet(1469365): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 14 2025 03:12:22 box12 maldet(1469365): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 14 2025 03:12:22 box12 maldet(1469365): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 14 2025 03:12:22 box12 maldet(1469365): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 14 2025 03:12:23 box12 maldet(1469365): {scan} file list completed in 1s, found 434 files...
Aug 14 2025 03:12:23 box12 maldet(1469365): {scan} no $mail or $sendmail binaries found, e-mail alerts disabled.
Aug 14 2025 03:12:23 box12 maldet(1469365): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Aug 14 2025 03:12:23 box12 maldet(1469365): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (434 files) in progress...
Aug 14 2025 03:12:47 box12 maldet(1469365): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 434, malware hits 0, cleaned hits 0, time 25s
Aug 14 2025 03:12:47 box12 maldet(1469365): {scan} scan report saved, to view run: maldet --report 250814-0312.1469365
Aug 15 2025 03:28:54 box12 maldet(1623989): {update} checking for available updates...
Aug 15 2025 03:28:54 box12 maldet(1623989): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 15 2025 03:28:54 box12 maldet(1623989): {update} hashing install files and checking against server...
Aug 15 2025 03:28:55 box12 maldet(1623989): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 15 2025 03:28:55 box12 maldet(1623989): {update} latest version already installed.
Aug 15 2025 03:28:55 box12 maldet(1624103): {sigup} performing signature update check...
Aug 15 2025 03:28:55 box12 maldet(1624103): {sigup} local signature set is version 202508132610702
Aug 15 2025 03:28:55 box12 maldet(1624103): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 15 2025 03:28:55 box12 maldet(1624103): {sigup} latest signature set already installed
Aug 15 2025 03:28:55 box12 maldet(1624195): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 15 2025 03:28:55 box12 maldet(1624195): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 15 2025 03:28:55 box12 maldet(1624195): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 15 2025 03:28:55 box12 maldet(1624195): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 15 2025 03:28:55 box12 maldet(1624195): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 15 2025 03:28:56 box12 maldet(1624195): {scan} file list completed in 1s, found 109 files...
Aug 15 2025 03:28:56 box12 maldet(1624195): {scan} no $mail or $sendmail binaries found, e-mail alerts disabled.
Aug 15 2025 03:28:56 box12 maldet(1624195): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Aug 15 2025 03:28:56 box12 maldet(1624195): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (109 files) in progress...
Aug 15 2025 03:29:17 box12 maldet(1624195): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 109, malware hits 0, cleaned hits 0, time 22s
Aug 15 2025 03:29:17 box12 maldet(1624195): {scan} scan report saved, to view run: maldet --report 250815-0328.1624195
Aug 16 2025 03:43:54 box12 maldet(1775589): {update} checking for available updates...
Aug 16 2025 03:44:15 box12 maldet(1775589): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 16 2025 03:44:15 box12 maldet(1775589): {update} hashing install files and checking against server...
Aug 16 2025 03:44:15 box12 maldet(1775589): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 16 2025 03:44:16 box12 maldet(1775589): {update} latest version already installed.
Aug 16 2025 03:44:16 box12 maldet(1775759): {sigup} performing signature update check...
Aug 16 2025 03:44:16 box12 maldet(1775759): {sigup} local signature set is version 202508132610702
Aug 16 2025 03:44:37 box12 maldet(1775759): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 16 2025 03:44:37 box12 maldet(1775759): {sigup} latest signature set already installed
Aug 16 2025 03:44:37 box12 maldet(1775861): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 16 2025 03:44:37 box12 maldet(1775861): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 16 2025 03:44:37 box12 maldet(1775861): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 16 2025 03:44:37 box12 maldet(1775861): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 16 2025 03:44:37 box12 maldet(1775861): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 16 2025 03:44:38 box12 maldet(1775861): {scan} file list completed in 1s, found 651 files...
Aug 16 2025 03:44:38 box12 maldet(1775861): {scan} no $mail or $sendmail binaries found, e-mail alerts disabled.
Aug 16 2025 03:44:38 box12 maldet(1775861): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Aug 16 2025 03:44:38 box12 maldet(1775861): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (651 files) in progress...
Aug 16 2025 03:45:04 box12 maldet(1775861): {hit} malware hit {HEX}php.base64.inject.180 found for /tmp/php1TAgoO
Aug 16 2025 03:45:04 box12 maldet(1775861): {hit} malware hit {HEX}php.base64.inject.180 found for /tmp/php90JSF0
Aug 16 2025 03:45:04 box12 maldet(1775861): {hit} malware hit {HEX}php.base64.inject.180 found for /tmp/phpfEkdp7
Aug 16 2025 03:45:05 box12 maldet(1775861): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 651, malware hits 3, cleaned hits 0, time 27s
Aug 16 2025 03:45:05 box12 maldet(1775861): {scan} scan report saved, to view run: maldet --report 250816-0344.1775861
Aug 16 2025 03:45:05 box12 maldet(1775861): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250816-0344.1775861
Aug 17 2025 03:36:42 box12 maldet(1929221): {update} checking for available updates...
Aug 17 2025 03:36:59 box12 maldet(1929221): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 17 2025 03:37:00 box12 maldet(1929221): {update} hashing install files and checking against server...
Aug 17 2025 03:37:17 box12 maldet(1929221): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 17 2025 03:37:17 box12 maldet(1929221): {update} latest version already installed.
Aug 17 2025 03:37:17 box12 maldet(1929404): {sigup} performing signature update check...
Aug 17 2025 03:37:17 box12 maldet(1929404): {sigup} local signature set is version 202508132610702
Aug 17 2025 03:37:32 box12 maldet(1929404): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 17 2025 03:37:32 box12 maldet(1929404): {sigup} latest signature set already installed
Aug 17 2025 03:37:33 box12 maldet(1929513): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 17 2025 03:37:33 box12 maldet(1929513): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 17 2025 03:37:33 box12 maldet(1929513): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 17 2025 03:37:33 box12 maldet(1929513): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 17 2025 03:37:33 box12 maldet(1929513): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 17 2025 03:37:34 box12 maldet(1929513): {scan} file list completed in 1s, found 355 files...
Aug 17 2025 03:37:34 box12 maldet(1929513): {scan} no $mail or $sendmail binaries found, e-mail alerts disabled.
Aug 17 2025 03:37:34 box12 maldet(1929513): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Aug 17 2025 03:37:34 box12 maldet(1929513): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (355 files) in progress...
Aug 17 2025 03:37:54 box12 maldet(1929513): {hit} malware hit {HEX}php.base64.inject.180 found for /tmp/phpj6RdZH
Aug 17 2025 03:37:54 box12 maldet(1929513): {hit} malware hit {CAV}Win.Trojan.Hide-1 found for /tmp/phpHt7hng
Aug 17 2025 03:37:54 box12 maldet(1929513): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 355, malware hits 2, cleaned hits 0, time 21s
Aug 17 2025 03:37:54 box12 maldet(1929513): {scan} scan report saved, to view run: maldet --report 250817-0337.1929513
Aug 17 2025 03:37:54 box12 maldet(1929513): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250817-0337.1929513
Aug 18 2025 03:30:26 box12 maldet(2081803): {update} checking for available updates...
Aug 18 2025 03:30:30 box12 maldet(2081803): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 18 2025 03:30:30 box12 maldet(2081803): {update} hashing install files and checking against server...
Aug 18 2025 03:30:35 box12 maldet(2081803): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 18 2025 03:30:35 box12 maldet(2081803): {update} latest version already installed.
Aug 18 2025 03:30:35 box12 maldet(2081927): {sigup} performing signature update check...
Aug 18 2025 03:30:35 box12 maldet(2081927): {sigup} local signature set is version 202508132610702
Aug 18 2025 03:30:42 box12 maldet(2081927): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 18 2025 03:30:42 box12 maldet(2081927): {sigup} latest signature set already installed
Aug 18 2025 03:30:42 box12 maldet(2082021): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 18 2025 03:30:42 box12 maldet(2082021): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 18 2025 03:30:42 box12 maldet(2082021): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 18 2025 03:30:42 box12 maldet(2082021): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 18 2025 03:30:42 box12 maldet(2082021): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 18 2025 03:30:43 box12 maldet(2082021): {scan} file list completed in 1s, found 534 files...
Aug 18 2025 03:30:43 box12 maldet(2082021): {scan} no $mail or $sendmail binaries found, e-mail alerts disabled.
Aug 18 2025 03:30:43 box12 maldet(2082021): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Aug 18 2025 03:30:43 box12 maldet(2082021): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (534 files) in progress...
Aug 18 2025 03:31:07 box12 maldet(2082021): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 534, malware hits 0, cleaned hits 0, time 25s
Aug 18 2025 03:31:07 box12 maldet(2082021): {scan} scan report saved, to view run: maldet --report 250818-0330.2082021
Aug 19 2025 03:19:44 box12 maldet(2240260): {update} checking for available updates...
Aug 19 2025 03:20:19 box12 maldet(2240260): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 19 2025 03:20:19 box12 maldet(2240260): {update} hashing install files and checking against server...
Aug 19 2025 03:20:39 box12 maldet(2240260): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 19 2025 03:20:39 box12 maldet(2240260): {update} version check shows latest but hash check failed, forcing update...
Aug 19 2025 03:20:39 box12 maldet(2240260): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz
Aug 19 2025 03:21:19 box12 maldet(2240260): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5
Aug 19 2025 03:21:19 box12 maldet(2240260): {update} unable to verify md5sum of maldetect-current.tar.gz, update failed!
Aug 19 2025 03:21:19 box12 maldet(2240619): {sigup} performing signature update check...
Aug 19 2025 03:21:19 box12 maldet(2240619): {sigup} local signature set is version 202508132610702
Aug 19 2025 03:21:39 box12 maldet(2240619): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 19 2025 03:21:39 box12 maldet(2240619): {sigup} new signature set error code: 522 available
Aug 19 2025 03:21:39 box12 maldet(2240619): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 19 2025 03:22:23 box12 maldet(2240619): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 19 2025 03:23:10 box12 maldet(2240619): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 19 2025 03:23:10 box12 maldet(2240619): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 19 2025 03:23:38 box12 maldet(2240619): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 19 2025 03:24:25 box12 maldet(2240619): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 19 2025 03:24:25 box12 maldet(2240619): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com
Aug 19 2025 03:24:25 box12 maldet(2240619): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com
Aug 19 2025 03:24:25 box12 maldet(2241053): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 19 2025 03:24:25 box12 maldet(2241053): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 19 2025 03:24:25 box12 maldet(2241053): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 19 2025 03:24:25 box12 maldet(2241053): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 19 2025 03:24:25 box12 maldet(2241053): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 19 2025 03:24:26 box12 maldet(2241053): {scan} file list completed in 1s, found 215 files...
Aug 19 2025 03:24:26 box12 maldet(2241053): {scan} no $mail or $sendmail binaries found, e-mail alerts disabled.
Aug 19 2025 03:24:26 box12 maldet(2241053): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Aug 19 2025 03:24:26 box12 maldet(2241053): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (215 files) in progress...
Aug 19 2025 03:24:46 box12 maldet(2241053): {hit} malware hit {YARA}php_in_image found for /tmp/phpm0lH2F
Aug 19 2025 03:24:46 box12 maldet(2241053): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 215, malware hits 1, cleaned hits 0, time 21s
Aug 19 2025 03:24:46 box12 maldet(2241053): {scan} scan report saved, to view run: maldet --report 250819-0324.2241053
Aug 19 2025 03:24:46 box12 maldet(2241053): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250819-0324.2241053
Aug 20 2025 03:49:47 box12 maldet(2403949): {update} checking for available updates...
Aug 20 2025 03:50:18 box12 maldet(2403949): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 20 2025 03:50:18 box12 maldet(2403949): {update} hashing install files and checking against server...
Aug 20 2025 03:50:53 box12 maldet(2403949): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 20 2025 03:50:53 box12 maldet(2403949): {update} latest version already installed.
Aug 20 2025 03:50:53 box12 maldet(2404213): {sigup} performing signature update check...
Aug 20 2025 03:50:53 box12 maldet(2404213): {sigup} local signature set is version 202508132610702
Aug 20 2025 03:51:25 box12 maldet(2404213): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 20 2025 03:51:25 box12 maldet(2404213): {sigup} new signature set 20250819706470 available
Aug 20 2025 03:51:25 box12 maldet(2404213): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 20 2025 03:52:10 box12 maldet(2404213): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 20 2025 03:53:15 box12 maldet(2404213): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 20 2025 03:53:15 box12 maldet(2404213): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 20 2025 03:53:34 box12 maldet(2404213): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 20 2025 03:53:54 box12 maldet(2404213): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 20 2025 03:53:54 box12 maldet(2404213): {sigup} unable to verify md5sum of maldet-sigpack.tgz, please try again or contact proj@rfxn.com
Aug 20 2025 03:53:54 box12 maldet(2404213): {sigup} unable to verify md5sum of maldet-clean.tgz, please try again or contact proj@rfxn.com
Aug 20 2025 03:53:54 box12 maldet(2404944): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 20 2025 03:53:54 box12 maldet(2404944): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 20 2025 03:53:54 box12 maldet(2404944): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 20 2025 03:53:54 box12 maldet(2404944): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 20 2025 03:53:54 box12 maldet(2404944): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 20 2025 03:53:55 box12 maldet(2404944): {scan} file list completed in 1s, found 125 files...
Aug 20 2025 03:53:55 box12 maldet(2404944): {scan} no $mail or $sendmail binaries found, e-mail alerts disabled.
Aug 20 2025 03:53:55 box12 maldet(2404944): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Aug 20 2025 03:53:55 box12 maldet(2404944): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (125 files) in progress...
Aug 20 2025 03:54:16 box12 maldet(2404944): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 125, malware hits 0, cleaned hits 0, time 22s
Aug 20 2025 03:54:16 box12 maldet(2404944): {scan} scan report saved, to view run: maldet --report 250820-0353.2404944
Aug 21 2025 03:21:09 box12 maldet(2570485): {update} checking for available updates...
Aug 21 2025 03:21:10 box12 maldet(2570485): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 21 2025 03:21:10 box12 maldet(2570485): {update} hashing install files and checking against server...
Aug 21 2025 03:21:11 box12 maldet(2570485): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 21 2025 03:21:11 box12 maldet(2570485): {update} latest version already installed.
Aug 21 2025 03:21:11 box12 maldet(2570598): {sigup} performing signature update check...
Aug 21 2025 03:21:11 box12 maldet(2570598): {sigup} local signature set is version 202508132610702
Aug 21 2025 03:21:12 box12 maldet(2570598): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet.sigs.ver
Aug 21 2025 03:21:12 box12 maldet(2570598): {sigup} new signature set 20250819706470 available
Aug 21 2025 03:21:12 box12 maldet(2570598): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 21 2025 03:21:14 box12 maldet(2570598): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
Aug 21 2025 03:21:14 box12 maldet(2570598): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-sigpack.tgz.md5
Aug 21 2025 03:21:14 box12 maldet(2570598): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 21 2025 03:21:14 box12 maldet(2570598): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
Aug 21 2025 03:21:15 box12 maldet(2570598): {sigup} downloaded https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz.md5
Aug 21 2025 03:21:15 box12 maldet(2570598): {sigup} verified md5sum of maldet-sigpack.tgz
Aug 21 2025 03:21:15 box12 maldet(2570598): {sigup} unpacked and installed maldet-sigpack.tgz
Aug 21 2025 03:21:15 box12 maldet(2570598): {sigup} verified md5sum of maldet-clean.tgz
Aug 21 2025 03:21:15 box12 maldet(2570598): {sigup} unpacked and installed maldet-clean.tgz
Aug 21 2025 03:21:15 box12 maldet(2570598): {sigup} signature set update completed
Aug 21 2025 03:21:15 box12 maldet(2570598): {sigup} 17638 signatures (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 21 2025 03:21:15 box12 maldet(2570817): {scan} launching scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ changes in last 1d to background, see /usr/local/maldetect/logs/event_log for progress
Aug 21 2025 03:21:15 box12 maldet(2570817): {scan} signatures loaded: 17638 (14801 MD5 | 2054 HEX | 783 YARA | 0 USER)
Aug 21 2025 03:21:15 box12 maldet(2570817): {scan} building file list for /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ of new/modified files from last 1 days, this might take awhile...
Aug 21 2025 03:21:15 box12 maldet(2570817): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
Aug 21 2025 03:21:15 box12 maldet(2570817): {scan} executed /bin/nice -n 19 /bin/ionice -c2 -n 6 /bin/find /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ /tmp /var/tmp /dev/shm  -path "/usr/local/maldetect" -prune -o -maxdepth 15 -regextype posix-egrep \( -mtime -1 -o -ctime -1 \) -type f -size +24c -size -6947618c  -not -perm 000   -not -uid 0 -not -gid 0  
Aug 21 2025 03:21:16 box12 maldet(2570817): {scan} file list completed in 1s, found 3213 files...
Aug 21 2025 03:21:16 box12 maldet(2570817): {scan} no $mail or $sendmail binaries found, e-mail alerts disabled.
Aug 21 2025 03:21:16 box12 maldet(2570817): {scan} found clamav binary at /bin/clamscan, using clamav scanner engine...
Aug 21 2025 03:21:16 box12 maldet(2570817): {scan} scan of /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/ (3213 files) in progress...
Aug 21 2025 03:22:00 box12 maldet(2570817): {hit} malware hit {HEX}php.base64.inject.179 found for /tmp/phpMrisow
Aug 21 2025 03:22:00 box12 maldet(2570817): {scan} scan completed on /home?/?/public_html/,/var/www/,/usr/local/apache/htdocs/: files 3213, malware hits 1, cleaned hits 0, time 45s
Aug 21 2025 03:22:00 box12 maldet(2570817): {scan} scan report saved, to view run: maldet --report 250821-0321.2570817
Aug 21 2025 03:22:00 box12 maldet(2570817): {scan} quarantine is disabled! set quarantine_hits=1 in conf.maldet or to quarantine results run: maldet -q 250821-0321.2570817
Aug 22 2025 03:29:06 box12 maldet(2730155): {update} checking for available updates...
Aug 22 2025 03:29:55 box12 maldet(2730155): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.ver
Aug 22 2025 03:29:55 box12 maldet(2730155): {update} hashing install files and checking against server...
Aug 22 2025 03:30:35 box12 maldet(2730155): {update} downloaded https://cdn.rfxn.com/downloads/maldet.current.hash
Aug 22 2025 03:30:35 box12 maldet(2730155): {update} version check shows latest but hash check failed, forcing update...
Aug 22 2025 03:30:35 box12 maldet(2730155): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz
Aug 22 2025 03:31:20 box12 maldet(2730155): {update} downloaded https://cdn.rfxn.com/downloads/maldetect-current.tar.gz.md5
Aug 22 2025 03:31:20 box12 maldet(2730155): {update} verified md5sum of maldetect-current.tar.gz
@ Telegram